Application No.: 09/652,360 



Docket No.: 418268758US 



AMENDMENTS TO THE CLAIMS 

The listing of claims will replace all prior versions, and listings, of claims in the 
application: 

1-25. (Cancelled) 

26. (Currently Amended) A computer-readable medium having stored thereon a 
data structure having a plurality of fields, the data structure comprising: 

a plurality of client identifier fields that each identify a client computer system that is 
connected to a server computer system; and 

for each identified client computer system, the data structure further comprising at 
least one authentication field that identifies an authentication method to be 
used by the server computer system for authenticating the client computer 
system upon receiving a request from the client computer system for service, 
the authentication method having been selected based on authentication 
abilities and access rights of the subs e t of client computer systems so that 
the subs e t of client computer systems need not unnecessarily reveal secret 
information. 

27. (Previously Presented) The computer-readable medium in accordance with 
Claim 26, wherein each client identifier field identifies a different single client computer 
system. 

28. (Previously Presented) A computer-readable medium as recited in claim 26, 
wherein the server computer system has access to the data structure prior to receiving the 
request from the client computer system. 
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29. (Currently Amended) A computer-readable medium as recited in claim 26, 
wherein the data structure is further configured to be altered upon being stored, so as to 
allow a client computer system to use additional authentication methods. 

30. (New) A method in a server computer of authenticating client computer 
systems, the method comprising: 

receiving from a controlling client computer system an instruction that indicates an 
authentication methodology that is to be used to authenticate a client 
computer system, the authentication methodology being selected from 
multiple authentication methodologies based on authentication abilities and 
access rights of the client computer system; and 

upon receiving a request from the client computer system to access a service of the 
server computer, authenticating the client computer system using the 
indicated authentication methodology. 

31. (New) The method of claim 30 wherein the instruction indicates that multiple 
authentication methodologies can be used to authenticate the client computer system and 
wherein the client computer system is authenticated using one of the indicated 
authentication methodologies. 

32. (New) The method of claim 30 wherein the instruction indicates that the 
authentication methodology is to be used to authenticate multiple client computer systems 
and wherein the multiple client computer systems are authenticated using the indicated 
authentication methodology. 

33. (New) The method of claim 30 wherein the instruction indicates multiple 
authentication methodologies can be used to authenticate multiple client computer 
systems and wherein the multiple client computer systems are authenticated using one of 
the indicated authentication methodologies. 
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34. (New) The method of claim 30 wherein the authentication methodology is an 
assertion authentication. 

35. (New) The method of claim 30 wherein the authentication methodology is a 
basic HTTP authentication. 

36. (New) The method of claim 30 wherein the authentication methodology is 
digest authentication. 

37. (New) The method of claim 30 wherein the authentication methodology is an 
NTLM authentication. 

38. (New) A method in a controlling client computer system for providing 
authentication methodologies to a server computer system, the method comprising: 

generating an instruction that indicates an authentication methodology that is to be 
used to authenticate a client computer system, the authentication 
methodology being selected from multiple authentication methodologies 
based on authentication abilities and access rights of the client computer 
system; and 

sending the generated instruction to the server computer system so that upon 
receiving a request from the client computer system to access a service of 
the server computer system, the server computer system can authenticate 
the client computer system using the indicated authentication methodology. 

39. (New) The method of claim 38 wherein the instruction indicates that multiple 
authentication methodologies can be used to authenticate the client computer system and 
wherein the client computer system is authenticated by the server computer system using 
one of the indicated authentication methodologies. 
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40. (New) The method of claim 38 wherein the instruction indicates that the 
authentication methodology is to be used to authenticate multiple client computer systems 
and wherein the multiple client computer systems are authenticated by the server 
computer system using the indicated authentication methodology. 

41. (New) The method of claim 38 wherein the instruction indicates multiple 
authentication methodologies can be used to authenticate multiple client computer 
systems and wherein the multiple client computer systems are authenticated by the server 
computer system using one of the indicated authentication methodologies. 

42. (New) The method of claim 38 wherein the authentication methodology is an 
assertion authentication. 

43. (New) The method of claim 38 wherein the authentication methodology is a 
basic HTTP authentication. 

44. (New) The method of claim 38 wherein the authentication methodology is 
digest authentication. 

45. (New) The method of claim 38 wherein the authentication methodology is an 
NTLM authentication. 

46. (New) A computer-readable medium containing instructions for controlling a 
server computer system to authenticate entities, by a method comprising: 

receiving an instruction that indicates an authentication methodology that is to be 
used to authenticate an entity, the authentication methodology being selected 
from multiple authentication methodologies based on authentication abilities 
of the entity that indicate which authentication methodologies are supported 
by the entity; and 
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upon receiving a request from the entity to access a service of the server computer 
system, authenticating the entity using the indicated authentication 
methodology. 

47. (New) The computer-readable medium of claim 46 wherein the instruction 
indicates that multiple authentication methodologies can be used to authenticate the entity 
and wherein the entity is authenticated using one of the indicated authentication 
methodologies. 

48. (New) The computer-readable medium of claim 46 wherein the instruction 
indicates that the authentication methodology is to be used to authenticate multiple entities 
and wherein the multiple entities are authenticated using the indicated authentication 
methodology. 

49. (New) The computer-readable medium of claim 46 wherein the instruction 
indicates multiple authentication methodologies can be used to authenticate multiple 
entities and wherein the multiple entities are authenticated using one of the indicated 
authentication methodologies. 

50. (New) The computer-readable medium of claim 49 wherein the 
authentication methodology is selected from a group consisting of an assertion 
authentication, a basic HTTP authentication, a digest authentication, and an NTLM 
authentication. 
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